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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 02 April 2004 . 
2a)D This action is FINAL. 2b)0 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) £3 Claim(s) 1-22 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-22 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) S The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 02 April 2004 is/are: a)[X] accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
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1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. This action is responsive to the non-provisional application filed on April 2, 2004. 
Claims 1 - 22 are pending. Claims 1, 9, 11, 17, 18 and 22 are independent. 

Specification 

2. The lengthy specification has not been checked to the extent necessary to 
determine the presence of all possible minor errors. Applicant's cooperation is 
requested in correcting any errors of which applicant may become aware in the 
specification. 



Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

4. Claims 18-22 are rejected under 35 U.S.C. 101 because the claimed invention 
is directed to non-statutory subject matter. The claims fail to place the invention 
squarely within one statutory class of invention. On page 17, paragraph 56 of the 
instant specification, applicant has provided evidence that applicant intends the 
"medium" to include signals. As such, the claim is drawn to a form of energy. Energy is 
not one of the four categories of invention and therefore this claims are not statutory. 
Energy is not a series of steps or acts and thus is not a process. Energy is not a 
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physical article or object and as such is not a machine or manufacture. Energy is not a 
combination of substances and therefor not a composition of matter. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

6. Claims 1 - 22 are rejected under 35 U.S.C. 102(b) as being anticipated by Xu et 
al's US Publication 2002/0004773 A1 . Referring to claims 1 and 18, Xu teaches: 

a. Retrieving revoked certificate data from a plurality of certificate issuers, 
and storing the revoked certificate data in a central location (page 3, paragraph 
45). 

b. Receiving a request from a user for access to the web including a user 
certificate, and comparing the user certificate data to the revoked certificate data 
stored in the central location (page 6, paragraph 96). 

c. Selectively authenticating the user as a function of the comparing (page 1 , 
paragraph 3). 

d. Providing the user access to the requested web services once the user is 
authenticated (page 1 , paragraphs 2-3). 

7. Referring to claims 2, and 19, Xu teaches wherein the user certificate data 
includes a unique identifier and authenticating the user includes determining whether 
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the unique identified included with the request corresponds to the revocation list (page 
4, paragraph 55). 

8. Referring to claims 3 and 20, Xu teaches that the user certificate data includes 
an expiration date (page 1 , X509 Certificate Table, Validity Period) and wherein 
determining whether the expiration date is prior to the current date or after the current 
(page 1, paragraph 5), and providing authenticated user access to the requested web 
service when the expiration date is determined to be after the current date (page 6, 
paragraph 96). 

9. Referring to claims 4, and 21 , Xu teaches identifying an address from the user 
certificate data, said address identifying the location of the revoked certificate list, and 
retrieving the revoked certificate data from the location (page 5, paragraph 73). 

10. Referring to claim 5, Xu teaches wherein the identified address is a URL 
corresponding to a web service storing revoked certificate data (page 5, paragraph 73). 

1 1 . Referring to claims 6 and 16, Xu teaches comparing user certificate data to 
stored certificate data to identify a new list of addresses corresponding to a plurality of 
different revoked certificates (page 4, paragraph 62). 

12. Referring to claim 7, Xu teaches identifying the address includes identifying the 
location of a certificate revocation list (page 5, paragraph 73). 

13. Referring to claim 8, Xu teaches wherein retrieving includes retrieving revoked 
certificates previously stored in the central location (page 3, paragraph 41). 

14. Referring to claims 9 and 22, Xu teaches: 
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e. Retrieving the stores revoked certificate data from the central location, and 
determining an update time for each of the one or more certificate issuers, said 
update time specifying a time updated revoked certificate data is published (page 
4, paragraph 53). 

f. Organizing the retrieved revoked certificate data in a sequence according 
to the determined update time (page 4, paragraph 58). 

g. Identifying an address of each of the one or more certificate issuers from 
the retrieved revoked certificate data (page 4, paragraph 53). 

h. Retrieving additional revoked certificate data from the identified addresses 
according to update times (page 3, paragraph 40 and 47). 

15. Referring to claim 10, Xu teaches wherein determining the update times includes 
parsing the retrieved revoked certificate data, and the identifying address of a certificate 
issuer includes parsing the revoked certificate to identify a URL (page 4, paragraph 53). 

1 6. Referring to claim 1 1 , Xu teaches: 

i. A central database (page 1 , paragraph 12). 

j. A fetching server to retrieve the revoked certificate data from a plurality of 
certificate authority servers (page 1, paragraph 12). 
k. An authentication server with a certificate revocation provider loads 
revoked certificate data to determine if the client request is authentic (page 6, 
paragraph 96). 

17. Referring to claim 12, Xu teaches examines an expiration date included in the 
revoked certificate data to determine if the client is authorized to access the requested 
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service (page 6, paragraph 96). The certificate is determined to be revoked according to 
the expiration date included in the certificate (page 1, paragraph 5 and table 2). 

18. Referring to claim 13, Xu teaches further examining the next update time to 
determine if the loaded revoked certificate data is the latest revoked certificate data 
(page 4, paragraph 53). 

19. Referring to claim 14, Xu teaches that the fetching server includes a default 
address identifying the location of a certificate authority server and the fetching server 
retrieves the CRL from the certificate authority having the default address (page 4, 
paragraph 53). 

20. Referring to claim 15, Xu teaches that the fetching server has a fetching table 
maintaining revoked certification data for a plurality of revoked certificates, and wherein 
revoked certificate data maintained in the fetching table identifies an address of a 
certificate authority server maintaining a list of revoked certificates (page 3, Table 1 and 
page 4, paragraph 53). 

21 . Referring to claim 1 7, Xu teaches: 

I. A fetching server for identifying a list of addresses corresponding to a 
plurality of certificate issuers, said fetching server retrieving revoked certificate 
status data (page 4, paragraph 53). 

m. A central database responsive to the retrieved revoked certificate status 
data for storing a list of revoked certificates (page 1 , paragraph 12). 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 



examiner should be directed to Cordelia Kane whose telephone number is 571-272- 



If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



7771 . The examiner can normally be reached on Monday - Thursday 8:00 - 5:00 EST. 





Cordelia Kane 
Patent Examiner 
Art Unit 2132 



